Sending and Reading Secure Emails

Public key infrastructure (PKI) enhances email security by verifying sender and recipient identities. It ensures message authenticity and confidentiality through digital signatures and encryption.

  • Signing an email with your private key authenticates you as the sender and confirms that the message has not been altered.
  • Encrypting an email message with the recipient's public key ensures that only the intended recipient can decrypt and read the message and its attachments.

Sign an Email

A digital signature combines your private key with the email message to authenticate you as the sender and ensure message integrity.

To sign your email:

  1. Connect your Crescendo deviceText-collapsed icon: Insert your HID Crescendo contact card (chip-side up and chip first) into the smart card reader, or place your HID Crescendo contactless card on a contactless smart card reader, or plug the HID Crescendo Key into a USB port and wait for a steady or flashing green light..
  2. Compose your email message.
  3. In your email application's security menu, select the digital signature Digital signature icon option.
  4. When prompted, enter the PIN protecting your signing certificate.
  5. Send your signed email.

Read a Signed Email

If you receive a digitally signed email message, you can use your email client to validate the sender's identity.

Click the signed message that you want to read. If the sender is successfully authenticated, the message appears with a secure message icon.

Encrypt an Email

To encrypt an email, your email client must Closedhave access to the recipient's certificate.

In large organizations, user certificates are typically stored in a global address list (GAL) allowing email applications to retrieve them automatically. If the recipient's certificate is not available in the GAL, you can:

  • Ask them to send you a signed email — their certificate will be automatically imported into your email client.

  • Request their certificate directly and import it manually into your email client.

To encrypt an email:

  1. Connect your Crescendo deviceText-collapsed icon: Insert your HID Crescendo contact card (chip-side up and chip first) into the smart card reader, or place your HID Crescendo contactless card on a contactless smart card reader, or plug the HID Crescendo Key into a USB port and wait for a steady or flashing green light..
  2. Compose your email message.
  3. In your email application's security menu, select the encryption Encryption icon option.
  4. If prompted, enter the PIN protecting your own certificate.
  5. Send your encrypted email.

Decrypt an Email

To decrypt an email:

  1. Connect your Crescendo deviceText-collapsed icon: Insert your HID Crescendo contact card (chip-side up and chip first) into the smart card reader, or place your HID Crescendo contactless card on a contactless smart card reader, or plug the HID Crescendo Key into a USB port and wait for a steady or flashing green light..

  2. Click the encrypted message you want to read.

  3. Enter your PIN.

    The email message and attachments will be displayed along with the secure message icon informing you of the encryption status.